Tags: azure, office365, azure-authentication, microsoft-partner-center

How to retrieve customer list from Microsoft partner center with Partner REST API using PowerShell


I need to return the list of customers from Microsoft Partner Center using Graph and PowerShell. When I run my code I get a 403 Forbidden error.

Steps I have taken to provision the app registration in Microsoft Entra:

  1. Created an app registration (Accounts in this organizational directory only (myorgname Ltd only - Single tenant)).
  2. Under API permissions, when I click "Add a permission" there is a tab to choose "APIs my organization uses". I selected it, searched for "Microsoft Partner", added the three results as delegated permissions and granted admin consent.

For the redirect URI I chose "Mobile and desktop applications" and then typed http://localhost.

The account I am using is a Global Admin in Microsoft 365, and in Partner Center it has the permissions shown in the screenshot.

The code returns the error code when I make the request to the customers list endpoint. I don't want to use the SDK; is there another way to correct the error? Below is my code.

$appId     = ""
$appSecret = ""
$tenantId  = ""

# Partner Center API configuration.
# The token request below uses the v2.0 endpoint with `scope`; the original mixed the
# v1 endpoint (which expects `resource`) with the v2 `scope` parameter.
$scope    = "https://api.partnercenter.microsoft.com/.default"
$tokenUrl = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token"

$body = @{
    grant_type    = "client_credentials"   # app-only token: it carries no signed-in user
    scope         = $scope
    client_id     = $appId
    client_secret = $appSecret
}

$response    = Invoke-RestMethod -Method Post -Uri $tokenUrl -Body $body -ContentType "application/x-www-form-urlencoded"
$accessToken = $response.access_token

# Partner Center documents /v1/customers as requiring App + User authentication,
# so an app-only token like the one above is rejected with 403 even when the
# app registration and the Partner Center role are correct.
$url = "https://api.partnercenter.microsoft.com/v1/customers"
$headers = @{
    "Authorization" = "Bearer $accessToken"
    "Accept"        = "application/json"
}

try {
    $customers = Invoke-RestMethod -Method Get -Uri $url -Headers $headers
    $customers.items
}
catch {
    # Show the HTTP status and the response body instead of a bare exception
    Write-Error "Request to $url failed: $($_.Exception.Message)"
    if ($_.ErrorDetails.Message) { Write-Error $_.ErrorDetails.Message }
}

When I use the Partner Center SDK to generate the access token with the code below, I get this error, even after following this Microsoft Docs article:

$appId       = "xxx"
$secretvalue = "xxx"
$tenantId    = "xxx"
$appSecret   = ConvertTo-SecureString -String $secretvalue -AsPlainText -Force
$credential  = [PSCredential]::new($appId, $appSecret)

# Authorization code flow with a confidential client (the secret is sent when the
# code is redeemed), so the app registration needs a Web redirect URI that matches
# the local listener the module opens.
$tokenSplat = @{
    ApplicationId        = $appId
    Credential           = $credential
    Scopes               = "https://api.partnercenter.microsoft.com/user_impersonation"   # delegated (App + User) scope
    ServicePrincipal     = $true
    TenantId             = $tenantId
    UseAuthorizationCode = $true
}

$token = New-PartnerAccessToken @tokenSplat

# The refresh token is what you keep for later non-interactive runs; treat it as a secret.
$tokenval = $token.RefreshToken
$tokenval



Solution

  • Initially, I specified the redirect URI as "Mobile and desktop applications", then inserted ‘http://localhost’ under Authentication and changed "Allow public client flows" to Yes, and I received the same error.

    After that, I removed the "Mobile and desktop applications" option, selected Web, entered http://localhost as the Redirect URI, and changed "Allow public client flows" to "No".

    I successfully ran the PowerShell script without any errors and received an access token.
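Since the question asks for a way to do this without the SDK, here is an added example (not code from the question or the answer) that does by hand what `New-PartnerAccessToken -UseAuthorizationCode` does: it runs the OAuth 2.0 authorization code flow against the Entra v2.0 endpoints to obtain an App + User token, which is what Partner Center documents for the customers endpoints (the app-only `client_credentials` token in the question carries no user, which is why it cannot work there), and then pages through `/v1/customers`. It assumes the registration from the answer: platform Web, "Allow public client flows" = No, a client secret, and the delegated Partner Center permission with admin consent. The port 8400 in the redirect URI, the placeholder IDs, the helper names and the `size=100` page size are assumptions; the redirect URI registered on the app must match `$redirectUri` exactly.

```powershell
# Added example: authorization-code flow against Microsoft Entra plus a paged
# call to the Partner Center REST API, without the Partner Center SDK.
# Assumptions: Web-platform app registration with a client secret, redirect URI
# http://localhost:8400/ registered, delegated Partner Center permission consented.
$tenantId     = "<tenant-id>"                 # placeholder
$clientId     = "<application-(client)-id>"   # placeholder
$clientSecret = "<client-secret>"             # placeholder; load from a secret store in real use
$redirectUri  = "http://localhost:8400/"      # assumed port; must equal the registered redirect URI
$scope        = "https://api.partnercenter.microsoft.com/user_impersonation offline_access"
$authority    = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0"

function Get-PartnerUserToken {
    # Interactive authorization-code grant; returns the token response
    # (access_token, refresh_token, expires_in) as an object.
    $state   = [guid]::NewGuid().ToString("N")   # bound to this request; replies that do not echo it are rejected
    $authUrl = "$authority/authorize?client_id=$clientId&response_type=code&response_mode=query" +
               "&redirect_uri=$([uri]::EscapeDataString($redirectUri))" +
               "&scope=$([uri]::EscapeDataString($scope))&state=$state"

    # Listen on the loopback redirect URI for the browser to bring the code back.
    # If Start() throws "Access is denied", reserve the prefix with
    # 'netsh http add urlacl url=http://localhost:8400/ user=<you>' or run elevated.
    $listener = [System.Net.HttpListener]::new()
    $listener.Prefixes.Add($redirectUri)
    $listener.Start()
    try {
        Start-Process $authUrl                       # sign-in happens in the default browser
        $context       = $listener.GetContext()      # blocks until Entra redirects back
        $code          = $context.Request.QueryString["code"]
        $returnedState = $context.Request.QueryString["state"]
        $errorText     = $context.Request.QueryString["error_description"]

        $html = [Text.Encoding]::UTF8.GetBytes("<html><body>Sign-in finished, you can close this tab.</body></html>")
        $context.Response.ContentType = "text/html"
        $context.Response.OutputStream.Write($html, 0, $html.Length)
        $context.Response.Close()
    }
    finally {
        $listener.Stop()
    }

    if ($returnedState -ne $state) { throw "state mismatch on redirect; discarding the authorization code" }
    if (-not $code)                { throw "no authorization code returned: $errorText" }

    # Redeem the code. client_secret is sent because the registration is a confidential (Web) client.
    $body = @{
        grant_type    = "authorization_code"
        client_id     = $clientId
        client_secret = $clientSecret
        code          = $code
        redirect_uri  = $redirectUri
        scope         = $scope
    }
    Invoke-RestMethod -Method Post -Uri "$authority/token" -Body $body -ContentType "application/x-www-form-urlencoded"
}

function Get-PartnerCustomers {
    param([Parameter(Mandatory)][string]$AccessToken)
    $headers = @{
        Authorization      = "Bearer $AccessToken"
        Accept             = "application/json"
        "MS-RequestId"     = [guid]::NewGuid().ToString()   # unique per call; quote these to support when chasing a 403
        "MS-CorrelationId" = [guid]::NewGuid().ToString()
    }
    $uri = "https://api.partnercenter.microsoft.com/v1/customers?size=100"   # page size is an assumption
    do {
        $page = Invoke-RestMethod -Method Get -Uri $uri -Headers $headers
        foreach ($c in $page.items) {
            [pscustomobject]@{
                Id     = $c.id
                Name   = $c.companyProfile.companyName
                Domain = $c.companyProfile.domain
            }
        }
        # Paging: the response carries links.next with a relative uri and an
        # MS-ContinuationToken header that has to be echoed on the next request.
        $next = $page.links.next
        if ($next) {
            $uri = "https://api.partnercenter.microsoft.com/v1/" + $next.uri.TrimStart('/')
            $headers["MS-ContinuationToken"] = ($next.headers | Where-Object key -eq "MS-ContinuationToken").value
        }
    } while ($next)
}

$token = Get-PartnerUserToken
# $token.refresh_token is a long-lived credential: keep it in a secret store (e.g. Key Vault), never in a script or log.
Get-PartnerCustomers -AccessToken $token.access_token | Format-Table -AutoSize
```

After the first interactive run, later runs can skip the browser by posting `grant_type=refresh_token` with the stored `refresh_token`, the same `client_id`, `client_secret` and `scope` to the same `$authority/token` endpoint; the `offline_access` scope in `$scope` is what makes Entra issue that refresh token.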